“As of Monday, Textcube users were blocked from uploading MP3, WMA, WAV and other types of music files on their blogs, while existing songs were blinded and are now accessible only to the logged-in owners of the blogs,” says the story, going on:

Cross-Site Request Forgery (CSRF): While it isn't a specific kind of threat -- more like a technique used to spread a sophisticated social networking worm, CSRF attacks exploit the trust a social networking application has in a logged-in user's browser.

As Wired reported two weeks ago, "logged-in Facebook users will also be transmitting information about their travels around the Net to Facebook servers whenever they visit a page deploying the 'Like' button, regardless of whether they actually click that button or not."